mirror of https://github.com/OpenVPN/openvpn.git synced 2024-09-20 03:52:28 +02:00
openvpn/tests/t_client.rc-sample
Frank Lichtenheld 0c7cf0694e t_client.sh: Allow to skip tests
Individual tests can define a script to run to test
whether they should be skipped.

Included in this commit is an example check which
checks whether we can do NTLM checks. This fails
e.g. on recent versions of Fedora with mbedTLS
(tested with Fedora 39) or when NTLM support is not
compiled in.

v2:
 - ntlm_support:
   - support OpenSSL 3
   - allow to build without cmocka
v3:
 - add example to t_client.rc-sample
 - t_client.sh code style
 - use syshead.h in error.h
v5:
 - rename SKIP_x to CHECK_SKIP_x

Change-Id: I13ea6752c8d102eabcc579e391828c05d5322899
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20240308102818.9249-1-gert@greenie.muc.de>
URL: https://www.mail-archive.com/search?l=mid&q=20240308102818.9249-1-gert@greenie.muc.de
Signed-off-by: Gert Doering <gert@greenie.muc.de>
2024-03-08 12:27:05 +01:00

120 lines
3.5 KiB
Plaintext

#
# this is sourced from t_client.sh and defines which openvpn client tests
# to run
#
# (sample config, copy to t_client.rc and adapt to your environment)
#
#
# define these - if empty, no tests will run
#
top_srcdir="${top_srcdir:-..}"
CA_CERT="${top_srcdir}/sample/sample-keys/ca.crt"
CLIENT_KEY="${top_srcdir}/sample/sample-keys/client.key"
CLIENT_CERT="${top_srcdir}/sample/sample-keys/client.crt"
#FPING_EXTRA_ARGS="-t 1000"
# Load EXPECT_IFCONFIG* parameters from cache
if [ -r "${top_builddir}/t_client_ips.rc" ]; then
    . "${top_builddir}/t_client_ips.rc"
else
    echo "NOTICE: missing t_client_ips.rc will be auto-generated"
fi
#
# remote host (used as macro below)
#
REMOTE=mytestserver
#
# tests to run (list suffixes for config stanzas below)
#
TEST_RUN_LIST="1 2 2n"
#
# use "sudo" (etc) to give openvpn the necessary privileges
# if this is not active, "make check" must be run as root
#
#RUN_SUDO=sudo
#
# base config that is the same for all the p2mp test runs
#
OPENVPN_BASE_P2MP="--client --ca $CA_CERT \
--cert $CLIENT_CERT --key $CLIENT_KEY \
--remote-cert-tls server --nobind --comp-lzo --verb 3"
# base config for p2p tests
#
OPENVPN_BASE_P2P="..."
#
#
# now define the individual tests - all variables suffixed with _1, _2 etc
# will be used in test run "1", "2", etc.
#
# if something is not defined here, the corresponding test is not run
#
# common test options:
#
# RUN_TITLE_x = "what is being tested on here" (purely informational)
# OPENVPN_CONF_x = "how to call ./openvpn" [mandatory]
# EXPECT_IFCONFIG4_x = "this IPv4 address needs to show up in ifconfig"
# EXPECT_IFCONFIG6_x = "this IPv6 address needs to show up in ifconfig"
# PING4_HOSTS_x = "these hosts must ping when openvpn is up (IPv4 fping)"
# PING6_HOSTS_x = "these hosts must ping when openvpn is up (IPv6 fping6)"
#
# hook test options:
#
# CHECK_SKIP_x = "commands to execute before openvpn, skip test on failure"
# PREPARE_x = "commands to execute before openvpn"
# POSTINIT_CMD_x = "commands to execute after openvpn but before ping"
# CLEANUP_x = "commands to execute after the test"
#
# Note: all hooks are "eval"ed, so run in the original shell of the t_client.sh
# script, not a child process.
#
# Test 1: UDP / p2mp tun
# specify IPv4+IPv6 addresses expected from server and ping targets
#
RUN_TITLE_1="testing tun/udp/ipv4+ipv6"
OPENVPN_CONF_1="$OPENVPN_BASE_P2MP --dev tun --proto udp --remote $REMOTE --port 51194"
PING4_HOSTS_1="10.100.50.1 10.100.0.1"
PING6_HOSTS_1="2001:db8::1 2001:db8:a050::1"
# Test 2: TCP / p2mp tun
#
RUN_TITLE_2="testing tun/tcp/ipv4+ipv6"
OPENVPN_CONF_2="$OPENVPN_BASE_P2MP --dev tun --proto tcp --remote $REMOTE --port 51194"
PING4_HOSTS_2="10.100.51.1 10.100.0.1"
PING6_HOSTS_2="2001:db8::1 2001:db8:a051::1"
# run command after openvpn initialization is done - here: delay 5 seconds
POSTINIT_CMD_2="sleep 5"
# Test 2n: TCP / p2mp tun / via NTLM proxy
RUN_TITLE_2n="testing tun/tcp/ntlm-proxy"
OPENVPN_CONF_2n="$OPENVPN_BASE_P2MP --dev tun --proto tcp --remote $REMOTE --port 51194
--http-proxy 192.168.1.2 8080 $KEYBASE/t_client_auth.txt ntlm --http-proxy-option VERSION 1.1"
PING4_HOSTS_2n="10.100.51.1 10.100.0.1"
PING6_HOSTS_2n="2001:db8::1 2001:db8:a051::1"
# skip test if NTLM support is not available
CHECK_SKIP_2n="${top_builddir}/tests/ntlm_support"
# Test 3: UDP / p2p tun
# ...
# Test 4: TCP / p2p tun
# ...
# Test 5: UDP / p2mp tap
# ...
# Test 6: TCP / p2mp tun
# ...
# Test 7: UDP / p2p tap
# ...
# Test 8: TCP / p2p tap
# ...
# Test 9: whatever you want to test... :-)
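
The per-test variable lookup and the CHECK_SKIP_x hook semantics described in the comments above, sketched as an added example; this is not code from t_client.sh or the OpenVPN project. The names resolve_test, summarize, STATUS and HOOK_RAN and all sample values are hypothetical and constructed for illustration.

```shell
#!/bin/sh
# Added illustration, not t_client.sh itself. All names and values below
# are hypothetical / constructed sample data.

# Constructed sample config in the style of t_client.rc
TEST_RUN_LIST="1 2n 3 bad-id"
OPENVPN_CONF_1="--dev tun --proto udp"
CHECK_SKIP_1='HOOK_RAN=yes'     # succeeds and leaves a variable behind
OPENVPN_CONF_2n="--dev tun --proto tcp"
CHECK_SKIP_2n='false'           # stand-in for a failing capability probe
# no OPENVPN_CONF_3: test 3 is not defined and must not run

# Sets STATUS to run, skip, undefined or invalid for one test suffix.
resolve_test() {
    STATUS=invalid
    # In this sketch the suffix is pasted into eval, so accept only
    # characters that are legal in a shell variable name.
    case "$1" in
        ''|*[!A-Za-z0-9_]*) return 0 ;;
    esac
    eval "conf=\"\${OPENVPN_CONF_$1:-}\""
    eval "check_skip=\"\${CHECK_SKIP_$1:-}\""
    if [ -z "$conf" ]; then
        STATUS=undefined
        return 0
    fi
    # The hook is eval'ed in the current shell, not a child process,
    # so it can read and change this script's variables.
    if [ -n "$check_skip" ] && ! eval "$check_skip" >/dev/null 2>&1; then
        STATUS=skip
        return 0
    fi
    STATUS=run
}

# Prints one "suffix=status" pair per entry of TEST_RUN_LIST.
summarize() {
    result=""
    for suffix in $TEST_RUN_LIST; do
        resolve_test "$suffix"
        result="$result$suffix=$STATUS "
    done
    printf '%s\n' "${result% }"
}

summarize
```

Because the hook strings are eval'ed in the shell that runs the tests, and that shell runs as root when RUN_SUDO is not set, t_client.rc is executable code and should carry the same ownership and write permissions as the test script itself.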